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(54) Multi Protocol Label Switching Virtual Private Network gateway-based networking method 

(57) Tine present invention discloses a IVIuIti Proto- 
col Label Switching Virtual Private Networl< (IN/IPLS 
VPN) gateway-based network metliod comprising: set 
one or more Multi Protocol Label Switching Virtual Pri- 
vate Network (MPLS VPN) gateways between a local 
Internet Service Provider (ISP) network and a superior 
Internet Service Provider (ISP) network/other Internet 
Service Provider (ISP) network, connect the Multi Pro- 
tocol Label Switching Virtual Private Network (MPLS 
VPN) gateway with the local Internet Service Provider 
(ISP) network and the superior Internet Service Provider 
(ISP) network/other Internet Service Provider (ISP) net- 
work and at the same time connect the Multi Protocol 
Label Switching Virtual Private Network (MPLS VPN) 
gateway with Custom Edge Router (GE) devices in the 
subscribers' network according to the network topology, 
corresponding functions on the Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) gateway 
are put into service to provide Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) servic- 
es; said scheme enables Internet Service Providers 
(ISP) to provide Multi Protocol Label Switching Virtual 
Private Network (MPLS VPN) services quickly with low 
investment and conventional network access capacity 
without modifying conventional network structure, which 
enhances competitive power and protect conventional 
investment. 
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Description 

BACKGROUND OF THE INVENTION 

1 . Field of the Invention 

[0001] The present invention relates to a networking 
method, particularly to a Multi Protocol Label Switching 
Virtual Private Network (MPLS VPN) gateway-based 
networking nnethod. 

2. Background of the Invention 

[0002] Virtual Private Network (VPN) is a private net- 
work implemented with public networks (e.g., the net- 
work resources of Internet Service Protocol (ISP)) by an 
enterprise or a specific user group with the aim to satisfy 
their unique demand. Through a VPN, an enterprise or 
a specific user group can establish secure and reliable 
connections among to their branches, remote users, 
and business partners to transfer data at a low cost. Typ- 
ically, a conventional VPN is IP-based, i.e., IP VPN, 
which simulates a dedicated WAN with I P network struc- 
ture and is implemented through some IP tunnel mech- 
anisms such as L2TP (2-layer tunnel protocol) etc. The 
VPN subscribers' data are transferred via tunnels. How- 
ever, IP VPNs are difficult to configure, manage, and ex- 
pand. 

[0003] The Multi Protocol Label Switching (MPLS) 
technology combines IP technology on 3-layer and 
hardware switching technology on 2-layer, and utilizes 
a fixed length label as the unique sign for group trans- 
mission in a MPLS network. The technology integrates 
flexibility and expandability of IP technology and high 
performance. Quality of Service (QoS) ability, and traffic 
control ability of hardware switching technologies such 
as ATM (Asynchronous Transfer Mode). MPLS technol- 
ogy can not only solve a large amount of problems (such 
as QoS, Group Broadcast, and VPN support etc) in con- 
ventional networks, but also implement a lot of newf unc- 
tions such as traffic engineering, route display, etc. 
Therefore, MPLS is an ideal IP backbone network tech- 
nology. 

[0004] MPLS/BGP VPN is a solution to provide IP 
VPN services by using MPLS technology and Border 
Gateway Protocol (BGP) in public networks. Fig.1 
shows a network topology of MPLS/BGP VPN, wherein 
the ISP network comprises P devices and PE devices. 
[0005] P devices (Provider Routers) are mainly re- 
sponsible for MPLS forwarding. PE devices (Provider 
Edge Routers) are the main bodies for providing MPLS/ 
BGP VPN services. A PE device maintains an inde- 
pendent route table for each VPN subscriber's site and 
implements detection of VPN topologies and training of 
VPN internal routes through BGP. ACE device (Custom 
Edge Router) is a common router, which connects a 
VPN subscriber's site to a PE directly without any sup- 
port to MPLS or VPN signaling and protocol. 


[0006] A VPN user may have a plurality of sites, each 
of which may be a set of networks or sub-networks. A 
plurality of sites in a VPN constitute a 3-layer intercon- 
nection architecture through an ISP MPLS network, and 

5 the ISP NPLS network is responsible for routing and for- 
warding tasks among the sites. 
[0007] However, ISPs are facing the following prob- 
lems when providing MPLS/BGP VPN services: If the 
MPLS/BGP VPN is utilized as the network structure, the 

10 ISP network shall be composed of P devices and PE 
devices to completely support MPLS technology and 
have MPLS/BGP VPN ability. However, most conven- 
tional ISP networks employ diverse technologies (in- 
cluding router networking, ATM networking, or Ethernet 

15 networking), and many original devices in those net- 
works have no MPLS ability. In the networks, there is no 
corresponding P devices or PE devices to implement 
MPLS/BGP VPN ability. If the ISPs want to provide 
MPLS/BGP VPN services, conventional networks 

20 should be upgraded and rebuilt to a large extent, which 
not only brings adverse effect to conventional services, 
but also requires vast investment to construct a large 
amount of PE devices to cover subscriber's networks. 
Said problems have become a severe restraint factor to 

25 the development and popularization of MPLS/BGP VPN 
services. 

SUMMARY OF THE INVENTION 

30 [0008] The object ofthe present invention is to provide 
a MPLS VPN gateway-based networking method, with 
which ISPs can quickly deliver MPLS/BGP VPN servic- 
es at the minimized cost without modifying the architec- 
ture of conventional ISP networks. 
35 [0009] To attain said object, the MPLS VPN gateway- 
based networking method in the present Invention com- 
prises the following steps: 

step 1 : set one or more Multi Protocol Label Switch- 
40 ing Virtual Private Network (MPLS VPN) gateways 
between a local ISP network and a superior ISP net- 
work/other ISP network; 

step 2: connect the MPLS VPN gateway with the 
local ISP network and the superior ISP network/oth- 
45 er ISP network and at the same time connect the 
MPLS VPN gateway with Custom Edge Router (CE) 
devices in the subscribers' network according to the 
network topology; 

step 3: start corresponding functions on the MPLS 
50 VPN gateway to provide MPLS VPN services. 

[0010] In step 1 , said one or more MPLS VPN gate- 
ways are set according to the actual traffic of MPLS VPN 
services. 

55 [0011] Said MPLS VPN gateway is connected to the 
local ISP network via IP, Local Area Network (LAN), Vir- 
tual Local Area Network (VLAN), or Asynchronous 
Transfer Mode Permanent Virtual Connection (ATM 


35 


40 


45 


2 


3 


EP 1 388 978 A1 


4 


PVC). 

[0012] The network connection between said IVIPLS 
VPN gateway and the superior ISP network/other net- 
work supports both IP and MPLS protocols. 
[0013] The network connections between said MPLS 
VPN gateway and CE devices in the subscribers' net- 
work are through physical links. 
[0014] The connections between said MPLS VPN 
gateway and CE devices in the subscribers' network can 
also be implennented in the following method: connect 
CE devices to original ISP network through physical 
links, and then connect the CE devices to said MPLS 
VPN via the original ISP network. 
[0015] The connections between said MPLS VPN 
gateway and CE devices in the subscribers' network in- 
clude physical direct connections and 2-layer or 3-layer 
connection implennented via the original ISP network. 
[0016] According to the method of the present inven- 
tion, a service plane of MPLS VPN is built by setting 
MPLS VPN gateways on the basis of original ISP net- 
works, which implements the separation of network 
service plane from the data forwarding plane. In this 
way, original networks can be dedicated to subscriber 
access and data forwarding; while newly appended net- 
works can be dedicated to provision of MPLS VPN serv- 
ices. Thus ISPs can take full advantage of the access 
ability of conventional networks to quickly deliver MPLS 
VPN services at a low cost without modifying conven- 
tional network structure, to enhance competitive power 
and protect conventional investment. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0017] 

Fig.1 shows the network structure of a conventional 
MPLS VPN; 

Fig. 2 shows the network structure of the MPLS VPN 
constructed according to the method of the present 

invention; 

Fig.3 is the flow chart of the embodiment of the 
method according to the present invention. 

DETAILED DESCRIPTION OF THE EMBODIMENT 

[0018] The present invention is described in further 
detail referring to the following drawings wherein the 
BGP is used: 

[0019] The method of the present invention, on the 
base of conventional ISP network, essentially utilizes a 
conventional ISP network as the data forwarding plane 
and overlap a service network on the plane to construct 
a network service plane, i.e., deploy less MPLS VPN 
gateways at the demarcation between the conventional 
ISP network and other ISP networks, to take full advan- 
tage of the access ability of the conventional ISP net- 
work to connect subscribers' network to the MPLS VPN 
gateway(s) through direct physical links, 2-layer or 


3-layer connection method. The MPLS VPN gateways 
are responsible for processing all local MPLS/BGP VPN 
services and providing MPLS/BGP VPN service ability 
at a low cost without modifying conventional network 

5 structure, to quickly provide MPLS/BGP VPN services 
and enhance competitive power. 
[0020] Fig.3 is the flow chart of embodiment of the 
method according to the present invention. According 
to step 1 , one or more MPLS VPN gateways are set be- 

10 tween the ISP network and a superior ISP network/other 
network. The exact number of MPLS VPN gateways set 
depends on the actual traffic of MPLS VPN services. Af- 
ter the MPLS VPN gateway(s) is (are) set, the MPLS 
VPN gateway (s) is (are) connected to the local ISP net- 

15 work and the superior ISP network/other ISP network in 
step 2. In detail, the connections between the local ISP 
network and MPLS VPN gateway(s) are through IP, 
LAN, VLAN, or ATM PVC, for example, if the ISP net- 
work employs an Ethernet in networking, LAN/VLAN 

20 can be used; if the ISP network employs an ATM in net- 
working, ATM PVC can be used; if the ISP network em- 
ploys routers in networking, IP can be used. If the MPLS/ 
BGP VPN services are to be provided across local ISP 
networks, the connection has to be established, and the 

25 connection should support both IP and MPLS capabili- 
ties at the same time. The MPLS VPN gateway of local 
ISP network is interconnected with the superior ISP net- 
work/other ISP device (supporting corresponding sign- 
aling and protocols between MPLS and MPLS/BGP 

30 VPN). Said device and the superior ISP network or/other 
ISP device connected uplink to the local ISP network in 
the conventional MPLS VPN can be the same device. If 
pluralities of MPLS VPN gateways are set, said connec- 
tions can be independent/dependent. In step 3, the 

55 MPLS VPN gateway is connected to CE devices in the 
subscribers' network, and the connections between said 
MPLS VPN gateway and CE devices in the subscribers' 
network can be direct physical links (including Ethernet, 
Digital Data Network (DDN), ATM, etc), or CE devices 

40 in the subscribers' network can be connected to the orig- 
inal ISP network through direct physical links and then 
be connected to the MPLS VPN by using access ability 
of original network, comprising: 

45 2-layer connection (Linkat Link Layer): for example, 
subscribers' CE devices can be connected to the 
MPLS VPN gateway via ATM PVCs or LANA/LAN 
in original ATM or LANSWITCH networks of the ISP. 
3-layer connection (interconnections at Network 
50 Layer): for example, subscribers' CE devices can 
be connected to the MPLS VPN gateway with orig- 
inal tunnel technologies such as IP GRE, IPSEC, or 
L2TP in the ISP network. 

55 [0021] Last, in step 4, corresponding functions on the 
MPLS VPN gateway are put into service to provide 
MPLS VPN services. For a MPLS VPN gateway, all ac- 
cess methods are identical to direct physical link con- 
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nections; when a subscribers' CE device access tine 
MPLS VPN gateway tlirougli various methods, corre- 
sponding functions are activated, which is configured 
similarly to a PE device; when the MPLS/BGP VPN 
services are provided across a plurality of ISP networks, 
the relationship between the MPLS VPN gateway of the 
local ISP network and the devices of other ISPs con- 
nected to the MPLS VPN gateway is identical to the 
"PE-P" relationship in the MPLS/BGP VPN networking 
model. 

[0022] Referring to Fig.2, a network structure con- 
structed according to the method in the present inven- 
tion, wherein the MPLS VPN gateway can be a standard 
PE device (in Fig.2), which has rich access property to 
access to a CE device through various methods; the 
M PLS VPN gateways constitute the service plane of the 
network and are responsible for delivering MPLS/BGP 
VPN services. Wherein: 

X represents a router, Ethernet switch, or ATM de- 
vice, etc., which is not required to support any 
MPLS or MPLS/BGP VPN signaling or protocol; the 
MPLS VPN gateway-based method has no techni- 
cal requirementfor original network structure, which 
may be router networking, ATM switch networking, 
or Ethernet switch networking, etc. X devices con- 
stitute the data forwarding plane of the network and 
are responsible for user access and data forward- 
ing. 

Y represents a connection between a CE device, 
an ISP network device (X) and MPLS VPN gateway 
device, or a connection between an ISP networking 
deice (X) and a MPLS VPN gateway device. Y may 
represent various connections, including IP, LAN/ 
VLAN, or ATM PVC. 

Z represents a connection between MPLS VPN 
gateway devices or a connection between a MPLS 
VPN gateway device and a superior device or other 
ISP devices (supporting MPLS and MPLS/BGP 
VPN signaling and protocols), such a connection is 
required to support both IP and MPLS. 

[0023] In Fig.2, the CE devices may be connected to 
MPLS VPN gateway devices in various methods, which 
comprise direct physical links, 2-layer (link on the Link 
Layer) and 3-layer (interconnections on Network Layer) 
methods. The MPLS VPN gateway are responsible for 
processing of MPLS/BGP VPN services in all local ISP 
networks and providing MPLS/BGP VPN traffic ability. 
[0024] In consideration of MPLS/BGP VPN services 
to be provided across a plurality of ISP networks, the 
MPLS VPN gateway of current ISP network shall be in- 
terconnected with superior ISP or other ISP networks 
(supporting MPLS and MPLS/BGP VPN signaling and 
protocols). Said device and the superior ISP device or 
other ISP device connected uplink to the original local 
ISP network can be the same device. When M PLS/BGP 
VPN services are provided across a plurality of ISP net- 


works, the relationship between the MPLS VPN gate- 
way of the local ISP network and the devices of other 
ISPs connected to the MPLS VPN gateway is the PE-P 
relationship in the MPLS/BGP VPN networking module. 

5 [0025] When MPLS/BGP VPN traffic increases, more 
MPLS VPN gateways can be added gradually in either 
of the following two ways: independent deployment: 
MPLS VPN gateways are independent to each other, 
and Y devices are used in downlink and Z devices are 

10 used in uplink; and dependent deployment: for newly 
added MPLS VPN gateways, Y devices are used in 
downlink, while conventional MPLS VPN gateway de- 
vices are connected in uplink via Z devices. 


Claims 

1 . A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 
method, comprising: 

step 1 : setting one or more Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) 
gateways between a local Internet Service Pro- 
vider (ISP) network and a superior Internet 
Service Provider (ISP) network/other Internet 
Service Provider (ISP) network; 
step 2: connecting the Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) 
gateway with the local Internet Service Provider 
(ISP) network and the superior Internet Service 
Provider (ISP) network/other Internet Service 
Provider (ISP) network and connecting the Mul- 
ti Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway with a Custom 
Edge Router (CE) device in the subscribers' 
network according to the network topology; 
step 3: starting corresponding functions on the 
Multi Protocol Label Switching Virtual Private 
Network (MPLS VPN) gateway to provide Multi 
Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) services. 

2. A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 
method of claim 1 , wherein in step 1 , said one or 
more Multi Protocol Label Switching Virtual Private 
Network (MPLS VPN) gateways being set accord- 
ing to the actual traffic of the Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) 
services. 

3. A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 
method of claim 2, wherein said Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) 
gateway is connected to the local Internet Service 
Provider (ISP) network via Internet Protocol (IP), 
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Local Area Network (LAN), Virtual Local Area Net- 
work (VLAN), or Asynchronous Transfer Mode Per- 
manent Virtual Connection (ATM PVC). 

4. A Multi Protocol Label Switching Virtual Private Net- 5 
work (MPLS VPN) gateway- based networking 
method of claim 3, wherein The network connection 
between said Multi Protocol Label Switching Virtual 
Private Network (MPLS VPN) gateway and the su- 
perior Internet Service Provider (ISP) network/other io 
network supports both Internet Protocol (IP) and 
Multi Protocol Label Switching (MPLS) protocols. 

5. A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 15 
method of claim 4, wherein the network con nections 
between said Multi Protocol Label Switching Virtual 
Private Network (MPLS VPN) gateway and Custom 
Edge Router (CE) devices in the subscribers' net- 
work are directly connected by a physical links. 20 

6. A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 
method of claim 4, wherein said Multi Protocol Label 
Switching Virtual Private Network (MPLS VPN) 25 
gateway is connected to the Custom Edge Router 
(CE) devices in the subscribers' network by con- 
necting directly the Custom Edge Router (CE) de- 
vices to the original Internet Service Provider (ISP) 
network by a physical link, and connecting the Cus- 30 
tom Edge Router (CE) devices to said Multi Protocol 
Label Switching Virtual Private Network (MPLS 
VPN) via the original Internet Service Provider (ISP) 
network. 

35 

7. A Multi Protocol Label Switching Virtual Private Net- 
work (MPLS VPN) gateway-based networking 
method of claim 5 or 6, wherein said Multi Protocol 
Label Switching Virtual Private Network (MPLS 
VPN) gateway is connected to the Custom Edge 40 
Router (CE) devices in the subscribers' network by 

a physical link directly or a 2-layer or 3-layer con- 
nection implemented by the original Internet Serv- 
ice Provider (ISP) network. 
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